Blind identity hashing for unlinkable user identifiers.
Uses HMAC-SHA256 with a server-held pepper to produce identifiers that cannot be correlated without access to the pepper.
Summary
Functions
Produces a blind identifier by HMAC-SHA256(pepper, raw_id).
Performs constant-time dummy work to defend against timing attacks on non-existent user lookups.
Functions
Produces a blind identifier by HMAC-SHA256(pepper, raw_id).
The pepper is sourced from Application.get_env(:snarkey, :pepper) or
the :pepper option. If neither is available, raises ArgumentError.
Options
:pepper— HMAC key. Overrides the application env value.
Examples
iex> blind = Snarkey.Identity.blind("user@example.com", pepper: "super-secret")
iex> is_binary(blind)
true
iex> byte_size(blind)
32
Performs constant-time dummy work to defend against timing attacks on non-existent user lookups.
Should be called when a lookup for a blind identifier returns no results, to ensure the response time is indistinguishable from a successful lookup.
Examples
iex> Snarkey.Identity.dummy_work()
:ok